A new free AI chatbot from Chinese startup Z.ai is drawing global attention after researchers found it can build applications, write code, and identify software vulnerabilities at a level comparable to Anthropic’s highly restricted Mythos 5 model. Unlike its US counterpart, GLM-5.2 is openly available for anyone to download, run locally, and modify, raising fresh concerns about the growing accessibility of advanced cybersecurity AI.
The development comes weeks after the US government temporarily restricted Anthropic’s Mythos 5 and Fable 5 models over national security concerns, citing the risk that Fable 5’s safety protections could be bypassed. Access has since resumed under strict controls, with Mythos 5 remaining limited to around 100 approved US organizations and government agencies, while Fable 5 is available only through a premium subscription.
Researchers say GLM-5.2 delivers comparable performance in advanced coding, software engineering, and vulnerability detection. Because it is released as an open-weight model, users can run it on their own hardware without relying on a cloud provider or built-in safety controls, making its use far more difficult to monitor.
Independent evaluations by cybersecurity firms Semgrep and Graphistry found the model highly capable of discovering software bugs and performing complex cybersecurity tasks. Graphistry researchers also suggested GLM-5.2 may have benefited from AI distillation, a technique in which a smaller model learns from more advanced systems such as OpenAI’s GPT-5.5 and Anthropic’s Opus 4.8, potentially accelerating its development.
Cybersecurity consultants have also reported that jailbreak methods for GLM-5.2 are already circulating on Russian-language hacking forums, fueling concerns that the model could be exploited by cybercriminals to automate vulnerability discovery, develop exploits, and conduct attacks without the safeguards typically enforced by commercial AI providers.
The emergence of increasingly capable open-weight AI models has intensified the debate over balancing open innovation with cybersecurity, as frontier-level AI capabilities become accessible to a much wider audience.





